Monday, November 06, 2006

Wikipedia link led to virus site

The free-for-all nature of Wikipedia has not only left it open to plagiarism; it's also made the encyclopaedia a vehicle for spreading malware.

Recently, hackers edited an article on the German edition of Wikipedia to include a link to malicious code, disguising it as a fix for a supposedly new version of the notorious Blaster worm.

This was coupled with a spam email sent out to German computer users, claiming to come from Wikipedia. It directed those who wanted to find out more information on the new virus to the bogus entry.

This questionable activity was soon picked up by Wikipedia administrators, who have since edited the offending story to remove the malware link. The page was also removed from Wikipedia's archive.

Security firm Sophos said that the openness of Wikipedia is to blame, and urged users to ensure that they have appropriate defences in place to protect their computers.

"The very openness of websites like Wikipedia - which allow anyone to edit pages - makes them terrific, but can also make them less trustworthy," said Graham Cluley, senior technology consultant at Sophos.

"In this case, it wasn't just that the information posted in Wikipedia's articles was misleading, it was downright malicious."

The incident follows revelations last week that dozens of biographical articles published on Wikipedia contain passages copied from other sites.

Daniel Brandt, a Wikipedia critic, found the examples of suspected plagiarism by plugging a few sentences from 12,000 Wikipedia articles into Google. He ended with a list of 142 offending pieces, which he sent to Wikipedia.

Several of the stories have since been removed pending a review.

Brandt began his crusade against Wikipedia after an unflattering biography of himself was posted on the site.

"They present it as an encyclopedia," Brandt told the Associated Press on Friday.

"They go around claiming it's almost as good as Britannica. They are trying to be mainstream respectable," he said